Google Paid Out $17 Million in Bug Bounty Rewards in 2025

Google announced paying out $17.1 million in rewards via its bug bounty programs in 2025, for a total of $81.6 million handed out over the past 15 years.

The 2025 amount marked a 40% increase in payouts compared to the previous year, when Google paid out $12 million to bug hunters.

More than 700 security researchers were rewarded via Google’s vulnerability reward programs (VRPs) in 2025, when rewards of $250,000 were handed out to researchers who demonstrated full-chain sandbox escape attacks in Chrome.

Overall, Google awarded just over $3.7 million to more than 100 researchers who reported security defects in the Chrome browser. The top researcher earned $811,000 in bug bounties, the company’s leaderboard shows.

These efforts, the company says, helped strengthen the V8 engine’s sandbox protections and improve memory safety mechanisms.

Participants in Google’s VRPs also showed increased interest in ...